Get API Key and Signature

To use the Street View API, you must get an API key and digital signature which you can then add
to your mobile app, website, or web server. The API key is used to track API requests associated
with your project for quota, usage, and billing. The digital signature allows our servers to verify
that any site generating requests using your API key is authorized to do so.
To learn more about API keys, see the
API Key Best Practices
and the
FAQs.

Reminder:
To use the Street View API, you must get an API key and digital signature, and you must enable
billing. You can enable billing when you get your API key (see the Quick guide)
or as a separate process (see Usage and Billing).
Note:
Before moving your mobile app, website, or web server to production, it is recommended that you
secure your API key by adding a restriction (see Restricting an API key).

Console

Quick guide

Step 1: Get an API Key

Click the button below, to get an API key using the Google Cloud Platform Console.
You will be asked to
(1) pick one or more products,
(2) select or create a project, and
(3) set up a billing account.
Once your API key is created you will be prompted to restrict the key's usage.
(For more information, see Restricting an API key.)

On the API key page, under Key restrictions,
set the Application restrictions.

Select HTTP referrers (web sites).

Add the referrers (follow the instructions).

Click Save.

Digital signatures

Requests to the Street View API must include a signature
parameter, containing a digital signature which you must generate using a
shared URL signing secret. Your shared secret is available on
the Google Cloud Platform Console.

Note: Requests without a signature will fail.

The signing process uses an encryption algorithm to combine the URL and your
shared secret. The resulting unique signature allows our servers to verify
that any site generating requests using your API key is authorized to do
so.

Step 1: Get your URL signing secret

Your cryptographic URL signing secret is available on the
Google Cloud Platform Console.
The secret, also known as a private key, is encoded in a modified
Base64 for URLs. This
secret is shared between you and Google, and is unique to your API key.
Please keep your URL signing secret secure. Do
not pass it any requests, store it on any websites, or post
it to any public forum. Anyone obtaining this URL signing secret could spoof
requests using your identity.

You can click
this
link to go directly to the GCP Console page containing your
URL signing secret. Important: In the project drop-down menu, be sure to
select the same project you used when you created the API key for Street View API.

From the Project drop-down menu, select the same project you used when you created
the API key for Street View API.

From the APIs list on the Dashboard page, click the name of the
Street View API. The API details display, with the
Overview tab open.

Click the URL signing secret tab.

To get a new URL signing secret, select Regenerate secret.
The previous secret expires 24 hours after you've generated a new one.
After the 24 hours have passed, requests containing the old secret no
longer work.

Note: The information below on using an API key applies only to the
Google Maps APIs Premium Plan, which became available on January 6, 2016.

Have a previous
Maps APIs for Work or Maps API for Business license?
See our Maps APIs for Work
Licenses guide. To determine whether you have a previous license:
> In the Google Cloud Support Portal,
click Maps: Usage Report on the left.
> If the ID at the top of the report is in the following format, you have the new
Premium Plan: gme-[company] & proj-[number] ([type])
Otherwise, you have a previous license.

Authenticating your application using an API key

To authenticate the Street View API using an API key, you will require two
authentication parameters: an API key, and a unique digital
signature.

From the Project drop-down menu, select the project created for you when you purchased the
Premium Plan. The project name starts with
Google Maps APIs for Business or Google Maps for Work or Google Maps.Important: If you have a
previous Maps API for Business license, you must use a client
ID, not an API key.

On the API key page, under Key restrictions,
set the Application restrictions.

Select HTTP referrers (web sites).

Add the referrers (follow the instructions).

Click Save.

Creating digital signatures for use with a
Premium Plan API key

For Premium Plan customers, requests to the Street View API that
use a key parameter must also include a signature parameter, containing
a digital signature which you must generate using a shared URL signing secret. Your shared secret
is available on the Google Cloud Platform Console.

The signing process uses an encryption algorithm to combine the URL and your
shared secret. The resulting unique signature allows our servers to verify
that any site generating requests using your API key is authorized to do
so.

Your cryptographic URL signing secret is available on the Google Cloud Platform Console.
The secret, also known as a private key, is encoded in a modified
Base64 for URLs. This
secret is shared between you and Google, and is unique to your API key.
Please keep your URL signing secret secure. Do
not pass it any requests, store it on any websites, or post
it to any public forum. Anyone obtaining this URL signing secret could spoof
requests using your identity.

You can click
this
link to go directly to the GCP Console page containing your
URL signing secret. Important: In the project drop-down menu, be sure to
select the project created for you when you purchased the Premium Plan.*

From the APIs list on the Dashboard page, click the name of the
Street View API. The API details display, with the
Overview tab open.

Click the URL signing secret tab.

To get a new URL signing secret, click Regenerate secret.
The previous secret expires 24 hours after you've generated a new one.
After the 24 hours have passed, requests containing the old secret no
longer work.

* Note: In the project drop-down menu, you must select
the project created for you when you purchased the Premium Plan.
The project name starts with Google Maps APIs for Business or Google Maps for Work or Google Maps.
Important: If you have a previous Maps
API for Business license, you must use a client ID, not an API key.

Step 2: Generate a digital signature, for use with API keys

Authenticating your application using a client ID and signature

To authenticate the Street View API using a client ID (instead of the
API key), two authentication parameters are required: a client ID,
and a unique digital signature.

If you were previously using an API key for authentication and are switching to
using a client ID, you must remove the key parameter before loading
the API. The API will fail to load if both a client ID and an API key are
included.

Your client ID and signature

Your client ID is used to access the special features of
Google Maps APIs Premium Plan. In the sample below, substitute YOUR_CLIENT_ID
with the client ID you got in your welcome email. All client IDs begin with a
gme- prefix.

A unique digital signature is generated using your private
cryptographic key. In the code sample below, substitute SIGNATURE with your unique
digital signature. You can find more information about generating a signature below, in the
section on digital signatures for use with client IDs.

If you have lost your client ID or private cryptographic key,
you can recover it by logging in to the
Google Cloud Support Portal
and clicking Maps: Manage Client ID from the links on the
left of the page.

Optional parameter for reports

When using a client ID for API authentication, the following optional parameter is
available for use:

channel is used to provide additional reporting detail, by
grouping different channels separately in your reports. Refer to the
Premium Plan Reporting Overview for more information.

Generate a digital signature for use with a client ID

Detailed Guide for generating digital signatures

Generating a digital signature for use with API keys

Follow these steps to create a digital signature to be used in combination with an API key
(if using a client ID, see the detailed guide below).
These instructions apply to the use of the standard API as well as
Premium Plan customers authenticating with an API key:

Construct the request URL without the signature, making sure to include
your API key in the key parameter. Note that you must
URL-encode any non-standard characters. For example:

Note: All Google services require UTF-8 character encoding (which
implicitly includes ASCII). If your applications operate using other
character sets, make sure they construct URLs using UTF-8 and properly
URL-encode them.

Strip off the domain portion of the request, leaving only the path
and the query:

To sign a URL now, enter your URL and your URL signing secret below.
The URL must have the format described in step 1 above, and be URL-encoded.

[This section requires a browser that supports JavaScript and iframes.]

Generating a digital signature for use with client IDs

Requests to the Street View API using the client parameter
also require a digital signature, generated using the
private cryptographic key provided to you in your welcome email.

The signing process combines a URL and the key together using an encryption
algorithm. The resulting unique signature allows our servers to verify that
any site generating requests using your client ID are authorized to do so.
The signature is also unique per URL, ensuring that requests that use
your client ID cannot be modified without requiring a new signature to
be generated.

Your private cryptographic key

Your private cryptographic URL-signing key will be issued with your client ID
and is a "secret shared key" between you and Google. This signing key is yours
alone and is unique to your client ID. For that reason, please keep your
signing key secure. This key should not be passed within any
requests, stored on any websites, or posted to any public forum. Anyone
obtaining this signing key could spoof requests using your identity.

Note: This private cryptographic signing key is
not the same as the API keys issued by the Google Cloud Platform Console.

If you've lost your private cryptographic key, log in to the
Google Cloud Support Portal and click
Maps: Manage Client ID to retrieve it.

Generate a digital signature for use with client IDs

Attempting to access the Street View API with an invalid signature will
result in a HTTP 403 (Forbidden) error. As you convert your applications
to use URL signing, make sure to test your signatures to ensure they
initiate a valid request. You should first test whether the original URL
is valid as well as test whether you generate the correct
signatures.

Follow these steps to create a digital signature for your request:

Construct the request URL without the signature, making sure to include your
client parameter. Note that any non-standard characters will need to
be URL-encoded:

Note: All Google services require UTF-8 character encoding (which
implicitly includes ASCII). If your applications operate using other
character sets, make sure they construct URLs using UTF-8 and properly
URL-encode them.

Strip off the domain portion of the request, leaving only the path
and the query:

Retrieve your private key, which is
encoded in a modified Base64
for URLs, and sign the URL above using the HMAC-SHA1 algorithm. You may need to
decode this key into its original binary format. Note that in most
cryptographic libraries, the resulting signature will be in binary
format.

Note: Modified Base64 for URLs replaces the + and /
characters of standard Base64 with - and _
respectively, so that these Base64 signatures no longer need to be
URL-encoded.

Encode the resulting binary signature using the modified
Base64 for URLs to convert this signature
into something that can be passed within a URL.

C#

The example below uses the default
System.Security.Cryptography library to sign a URL request.
Note that we need to convert the default Base64 encoding to implement a
URL-safe version.
(Download
the code.)

Examples in additional languages

Examples that cover more languages are available in the
url-signing
project.

Restricting an API key

Google Maps APIs are available for web browsers, Android or iOS apps, and via HTTP web services.
APIs in any platform can use an unrestricted API key. You can optionally add a
restriction (for example, HTTP referrer) to the API key. Once restricted, a key will only work on
platforms that support that type of restriction.

Note:
Before moving your app or website to production, it is recommended that you secure your API key by
adding a restriction. To learn more, see the
FAQs and
Securing an API key.

From the Project drop-down menu, select the project that contains the API key you
want to secure.

From the
Navigation menu, select APIs & Services > Credentials.

On the Credentials page, click the name of the API key that you want
to secure.

On the API key page, under Key restrictions,
set the Application restrictions.

Select HTTP referrers (web sites).

Add the referrers (follow the instructions).

Click Save.

Note: file:// referers need a special representation to be added to the
Key restriction. The "file:/" part should be replaced with "__file_url__" before being added
to the Key restriction. For example, "file:///path/to/" should be formatted as
"__file_url__//path/to/*".
After enabling file:// referers, it is recommended you regularly check your usage,
to make sure it matches your expectations.

Troubleshooting authentication issues

If your request is malformed or supplies an invalid signature, the Street View API
returns an HTTP 403 (Forbidden) error.

To troubleshoot individual URLs, you can use the
URL Signing Debugger.
It allows you to quickly validate a URL and signature generated by your application.